Millions of Android phones pre-installed with spyware

A recent report has revealed that Android phones by ZTE, Lenovo and other brands may be running spyware apps. It seems that this is the same firmware, which was blamed for spying owners of Blu R1 HD phones in the United States last month. The firmware in question is from the Chinese company Adups.

Mobile security company Trustlook says the security flaw has been found in 43 other manufacturers. According to the company, Adups comes pre-installed on some 700 million Android devices. This puts users at risk of having text messages, call histories, and device information collected without their knowledge or consent.

"People like to think their brand new phone is clean and free of malware, but that is not always the case," said Trustlook in a blog post. "Some smartphone manufacturers choose to use a third party FOTA (Firmware Over-The-Air) service instead of Google's, which can pose serious security risks. This is what happened in the case of Shanghai based ADUPS Technology Co."

"The app comes preinstalled on the device," explains Trustlook. "It collects many types of user information. In addition to specifications such as IMEI, IMSI, MAC address, version number, and operator, this app attempts to collect user's SMS text messages and call logs. More troubling is that all of these procedures are done without user's consent and are processed in the background."